<?php
if(!isset($_POST['submit'])){  
	exit('非法访问!');  
}
$usrname = htmlspecialchars($_POST['username']);  
//$password = MD5($_POST['userpwd']);
$password = $_POST['userpwd'];
include_once("conn.php");
$sql = "SELECT * FROM user WHERE name='$usrname' AND pwd='$password'";
$check_query= mysql_query($sql);
if($check_query){  
    //登录成功  
    session_start();
    $result = mysql_fetch_array($check_query);
    $_SESSION['username'] = $usrname;  
    $_SESSION['role'] = $result['role'];
?>
<script type="text/javascript">
	window.location.href = 'ck/ckbks.php';
</script>
<?php
} else { 
    exit('登录失败！点击此处 <a href="javascript:history.back(-1);">返回</a> 重试');  
}  
?>